summaryrefslogtreecommitdiffstats
path: root/shell/source/win32/SysShExec.cxx
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--shell/source/win32/SysShExec.cxx436
1 files changed, 436 insertions, 0 deletions
diff --git a/shell/source/win32/SysShExec.cxx b/shell/source/win32/SysShExec.cxx
new file mode 100644
index 000000000..7be77d634
--- /dev/null
+++ b/shell/source/win32/SysShExec.cxx
@@ -0,0 +1,436 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * This file incorporates work covered by the following license notice:
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed
+ * with this work for additional information regarding copyright
+ * ownership. The ASF licenses this file to you under the Apache
+ * License, Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.apache.org/licenses/LICENSE-2.0 .
+ */
+
+#include <algorithm>
+#include <cassert>
+#include <cstddef>
+#include <string_view>
+
+#include <osl/diagnose.h>
+#include <osl/process.h>
+#include <sal/log.hxx>
+#include "SysShExec.hxx"
+#include <osl/file.hxx>
+#include <sal/macros.h>
+#include <com/sun/star/lang/IllegalArgumentException.hpp>
+#include <com/sun/star/security/AccessControlException.hpp>
+#include <com/sun/star/system/SystemShellExecuteException.hpp>
+#include <com/sun/star/system/SystemShellExecuteFlags.hpp>
+#include <com/sun/star/uri/UriReferenceFactory.hpp>
+#include <cppuhelper/supportsservice.hxx>
+#include <o3tl/char16_t2wchar_t.hxx>
+#include <o3tl/runtimetooustring.hxx>
+#include <o3tl/safeCoInitUninit.hxx>
+#include <o3tl/string_view.hxx>
+
+#include <prewin.h>
+#include <Shlobj.h>
+#include <systools/win32/comtools.hxx>
+#include <postwin.h>
+
+using namespace ::com::sun::star::system::SystemShellExecuteFlags;
+
+namespace
+{
+ /* This is the error table that defines the mapping between OS error
+ codes and errno values */
+
+ struct errentry {
+ unsigned long oscode; /* OS return value */
+ int errnocode; /* System V error code */
+ };
+
+ struct errentry errtable[] = {
+ { ERROR_SUCCESS, osl_File_E_None }, /* 0 */
+ { ERROR_INVALID_FUNCTION, osl_File_E_INVAL }, /* 1 */
+ { ERROR_FILE_NOT_FOUND, osl_File_E_NOENT }, /* 2 */
+ { ERROR_PATH_NOT_FOUND, osl_File_E_NOENT }, /* 3 */
+ { ERROR_TOO_MANY_OPEN_FILES, osl_File_E_MFILE }, /* 4 */
+ { ERROR_ACCESS_DENIED, osl_File_E_ACCES }, /* 5 */
+ { ERROR_INVALID_HANDLE, osl_File_E_BADF }, /* 6 */
+ { ERROR_ARENA_TRASHED, osl_File_E_NOMEM }, /* 7 */
+ { ERROR_NOT_ENOUGH_MEMORY, osl_File_E_NOMEM }, /* 8 */
+ { ERROR_INVALID_BLOCK, osl_File_E_NOMEM }, /* 9 */
+ { ERROR_BAD_ENVIRONMENT, osl_File_E_2BIG }, /* 10 */
+ { ERROR_BAD_FORMAT, osl_File_E_NOEXEC }, /* 11 */
+ { ERROR_INVALID_ACCESS, osl_File_E_INVAL }, /* 12 */
+ { ERROR_INVALID_DATA, osl_File_E_INVAL }, /* 13 */
+ { ERROR_INVALID_DRIVE, osl_File_E_NOENT }, /* 15 */
+ { ERROR_CURRENT_DIRECTORY, osl_File_E_ACCES }, /* 16 */
+ { ERROR_NOT_SAME_DEVICE, osl_File_E_XDEV }, /* 17 */
+ { ERROR_NO_MORE_FILES, osl_File_E_NOENT }, /* 18 */
+ { ERROR_LOCK_VIOLATION, osl_File_E_ACCES }, /* 33 */
+ { ERROR_BAD_NETPATH, osl_File_E_NOENT }, /* 53 */
+ { ERROR_NETWORK_ACCESS_DENIED, osl_File_E_ACCES }, /* 65 */
+ { ERROR_BAD_NET_NAME, osl_File_E_NOENT }, /* 67 */
+ { ERROR_FILE_EXISTS, osl_File_E_EXIST }, /* 80 */
+ { ERROR_CANNOT_MAKE, osl_File_E_ACCES }, /* 82 */
+ { ERROR_FAIL_I24, osl_File_E_ACCES }, /* 83 */
+ { ERROR_INVALID_PARAMETER, osl_File_E_INVAL }, /* 87 */
+ { ERROR_NO_PROC_SLOTS, osl_File_E_AGAIN }, /* 89 */
+ { ERROR_DRIVE_LOCKED, osl_File_E_ACCES }, /* 108 */
+ { ERROR_BROKEN_PIPE, osl_File_E_PIPE }, /* 109 */
+ { ERROR_DISK_FULL, osl_File_E_NOSPC }, /* 112 */
+ { ERROR_INVALID_TARGET_HANDLE, osl_File_E_BADF }, /* 114 */
+ { ERROR_INVALID_HANDLE, osl_File_E_INVAL }, /* 124 */
+ { ERROR_WAIT_NO_CHILDREN, osl_File_E_CHILD }, /* 128 */
+ { ERROR_CHILD_NOT_COMPLETE, osl_File_E_CHILD }, /* 129 */
+ { ERROR_DIRECT_ACCESS_HANDLE, osl_File_E_BADF }, /* 130 */
+ { ERROR_NEGATIVE_SEEK, osl_File_E_INVAL }, /* 131 */
+ { ERROR_SEEK_ON_DEVICE, osl_File_E_ACCES }, /* 132 */
+ { ERROR_DIR_NOT_EMPTY, osl_File_E_NOTEMPTY }, /* 145 */
+ { ERROR_NOT_LOCKED, osl_File_E_ACCES }, /* 158 */
+ { ERROR_BAD_PATHNAME, osl_File_E_NOENT }, /* 161 */
+ { ERROR_MAX_THRDS_REACHED, osl_File_E_AGAIN }, /* 164 */
+ { ERROR_LOCK_FAILED, osl_File_E_ACCES }, /* 167 */
+ { ERROR_ALREADY_EXISTS, osl_File_E_EXIST }, /* 183 */
+ { ERROR_FILENAME_EXCED_RANGE, osl_File_E_NOENT }, /* 206 */
+ { ERROR_NESTING_NOT_ALLOWED, osl_File_E_AGAIN }, /* 215 */
+ { ERROR_NOT_ENOUGH_QUOTA, osl_File_E_NOMEM } /* 1816 */
+ };
+
+ /* size of the table */
+ #define ERRTABLESIZE (SAL_N_ELEMENTS(errtable))
+
+ /* The following two constants must be the minimum and maximum
+ values in the (contiguous) range of osl_File_E_xec Failure errors. */
+ #define MIN_EXEC_ERROR ERROR_INVALID_STARTING_CODESEG
+ #define MAX_EXEC_ERROR ERROR_INFLOOP_IN_RELOC_CHAIN
+
+ /* These are the low and high value in the range of errors that are
+ access violations */
+ #define MIN_EACCES_RANGE ERROR_WRITE_PROTECT
+ #define MAX_EACCES_RANGE ERROR_SHARING_BUFFER_EXCEEDED
+
+
+ /*******************************************************************************/
+
+ oslFileError _mapError( DWORD dwError )
+ {
+ unsigned i;
+
+ /* check the table for the OS error code */
+ for ( i = 0; i < ERRTABLESIZE; ++i )
+ {
+ if ( dwError == errtable[i].oscode )
+ return static_cast<oslFileError>(errtable[i].errnocode);
+ }
+
+ /* The error code wasn't in the table. We check for a range of */
+ /* osl_File_E_ACCES errors or exec failure errors (ENOEXEC). Otherwise */
+ /* osl_File_E_INVAL is returned. */
+
+ if ( dwError >= MIN_EACCES_RANGE && dwError <= MAX_EACCES_RANGE)
+ return osl_File_E_ACCES;
+ else if ( dwError >= MIN_EXEC_ERROR && dwError <= MAX_EXEC_ERROR)
+ return osl_File_E_NOEXEC;
+ else
+ return osl_File_E_INVAL;
+ }
+
+ #define MapError( oserror ) _mapError( oserror )
+
+ #define E_UNKNOWN_EXEC_ERROR -1
+}
+
+CSysShExec::CSysShExec( const css::uno::Reference< css::uno::XComponentContext >& xContext ) :
+ WeakComponentImplHelper< css::system::XSystemShellExecute, css::lang::XServiceInfo >( m_aMutex ),
+ m_xContext(xContext),
+ mnNbCallCoInitializeExForReinit(0)
+{
+ /*
+ * As this service is declared thread-affine, it is ensured to be called from a
+ * dedicated thread, so initialize COM here.
+ *
+ * We need COM to be initialized for STA, but osl thread get initialized for MTA.
+ * Once this changed, we can remove the uninitialize call.
+ */
+ o3tl::safeCoInitializeEx(COINIT_APARTMENTTHREADED, mnNbCallCoInitializeExForReinit);
+}
+CSysShExec::~CSysShExec()
+{
+ o3tl::safeCoUninitializeReinit(COINIT_MULTITHREADED, mnNbCallCoInitializeExForReinit);
+}
+
+namespace
+{
+bool checkExtension(std::u16string_view extension, std::u16string_view denylist) {
+ assert(!extension.empty());
+ for (std::size_t i = 0; i != std::u16string_view::npos;) {
+ std::u16string_view tok = o3tl::getToken(denylist, ';', i);
+ o3tl::starts_with(tok, u'.', &tok);
+ if (o3tl::equalsIgnoreAsciiCase(extension, tok)) {
+ return false;
+ }
+ }
+ return true;
+}
+
+// This callback checks if the found window is the specified process's top-level window,
+// and activates the first found such window.
+BOOL CALLBACK FindAndActivateProcWnd(HWND hwnd, LPARAM lParam)
+{
+ if (!IsWindowVisible(hwnd))
+ return TRUE; // continue enumeration
+ if (GetWindow(hwnd, GW_OWNER)) // not a top-level window
+ return TRUE; // continue enumeration
+ const DWORD nParamProcId = static_cast<DWORD>(lParam);
+ assert(nParamProcId != 0);
+ DWORD nWndProcId = 0;
+ (void)GetWindowThreadProcessId(hwnd, &nWndProcId);
+ if (nWndProcId != nParamProcId)
+ return TRUE; // continue enumeration
+
+ // Found it! Bring it to front
+ if (IsIconic(hwnd))
+ {
+ ShowWindow(hwnd, SW_RESTORE);
+ }
+ SetForegroundWindow(hwnd);
+ SetActiveWindow(hwnd);
+ return FALSE; // stop enumeration
+}
+}
+
+void SAL_CALL CSysShExec::execute( const OUString& aCommand, const OUString& aParameter, sal_Int32 nFlags )
+{
+ // parameter checking
+ if (0 == aCommand.getLength())
+ throw css::lang::IllegalArgumentException(
+ "Empty command",
+ static_cast< css::system::XSystemShellExecute* >( this ),
+ 1 );
+
+ if ((nFlags & ~(NO_SYSTEM_ERROR_MESSAGE | URIS_ONLY)) != 0)
+ throw css::lang::IllegalArgumentException(
+ "Invalid Flags specified",
+ static_cast< css::system::XSystemShellExecute* >( this ),
+ 3 );
+
+ OUString preprocessed_command(aCommand);
+ if ((nFlags & URIS_ONLY) != 0)
+ {
+ css::uno::Reference< css::uri::XUriReference > uri(
+ css::uri::UriReferenceFactory::create(m_xContext)->parse(aCommand));
+ if (!(uri.is() && uri->isAbsolute()))
+ {
+ throw css::lang::IllegalArgumentException(
+ "XSystemShellExecute.execute URIS_ONLY with"
+ " non-absolute URI reference "
+ + aCommand,
+ static_cast< cppu::OWeakObject * >(this), 0);
+ }
+ if (uri->getScheme().equalsIgnoreAsciiCase("file")) {
+ // ShellExecuteExW appears to ignore the fragment of a file URL anyway, so remove it:
+ uri->clearFragment();
+ OUString pathname;
+ auto const e1
+ = osl::FileBase::getSystemPathFromFileURL(uri->getUriReference(), pathname);
+ if (e1 != osl::FileBase::E_None) {
+ throw css::lang::IllegalArgumentException(
+ ("XSystemShellExecute.execute, getSystemPathFromFileURL <" + aCommand
+ + "> failed with " + OUString::number(e1)),
+ {}, 0);
+ }
+ const int MAX_LONG_PATH = 32767; // max longpath on WinNT
+ if (pathname.getLength() >= MAX_LONG_PATH)
+ {
+ throw css::lang::IllegalArgumentException(
+ "XSystemShellExecute.execute, path <" + pathname + "> too long", {}, 0);
+ }
+ preprocessed_command = pathname;
+ wchar_t path[MAX_LONG_PATH];
+ wcscpy_s(path, o3tl::toW(pathname.getStr()));
+ for (int i = 0;; ++i) {
+ // tdf#130216: normalize c:\path\to\something\..\else into c:\path\to\else
+ if (PathResolve(path, nullptr, PRF_VERIFYEXISTS | PRF_REQUIREABSOLUTE) == 0)
+ {
+ throw css::lang::IllegalArgumentException(
+ OUString::Concat(u"XSystemShellExecute.execute, PathResolve(") + o3tl::toU(path)
+ + ") failed",
+ {}, 0);
+ }
+ SHFILEINFOW info;
+ if (SHGetFileInfoW(path, 0, &info, sizeof info, SHGFI_EXETYPE) != 0)
+ {
+ throw css::security::AccessControlException(
+ "XSystemShellExecute.execute, cannot process <" + aCommand + ">", {}, {});
+ }
+ if (SHGetFileInfoW(path, 0, &info, sizeof info, SHGFI_ATTRIBUTES) == 0)
+ {
+ throw css::lang::IllegalArgumentException(
+ OUString::Concat(u"XSystemShellExecute.execute, SHGetFileInfoW(") + o3tl::toU(path) + ") failed", {},
+ 0);
+ }
+ if ((info.dwAttributes & SFGAO_LINK) == 0) {
+ break;
+ }
+ sal::systools::COMReference<IShellLinkW> link;
+ try
+ {
+ link.CoCreateInstance(CLSID_ShellLink, nullptr, CLSCTX_INPROC_SERVER);
+ }
+ catch (sal::systools::ComError& e)
+ {
+ throw css::lang::IllegalArgumentException(
+ ("XSystemShellExecute.execute, CoCreateInstance failed with "
+ + OUString::number(e.GetHresult())),
+ {}, 0);
+ }
+ sal::systools::COMReference<IPersistFile> file;
+ try {
+ file = link.QueryInterface<IPersistFile>(sal::systools::COM_QUERY_THROW);
+ } catch(sal::systools::ComError & e3) {
+ throw css::lang::IllegalArgumentException(
+ ("XSystemShellExecute.execute, QueryInterface failed with: "
+ + o3tl::runtimeToOUString(e3.what())),
+ {}, 0);
+ }
+ HRESULT e2 = file->Load(path, STGM_READ);
+ if (FAILED(e2)) {
+ throw css::lang::IllegalArgumentException(
+ ("XSystemShellExecute.execute, IPersistFile.Load failed with "
+ + OUString::number(e2)),
+ {}, 0);
+ }
+ e2 = link->Resolve(nullptr, SLR_UPDATE | SLR_NO_UI);
+ if (FAILED(e2)) {
+ throw css::lang::IllegalArgumentException(
+ ("XSystemShellExecute.execute, IShellLink.Resolve failed with "
+ + OUString::number(e2)),
+ {}, 0);
+ }
+ WIN32_FIND_DATAW wfd;
+ e2 = link->GetPath(path, SAL_N_ELEMENTS(path), &wfd, SLGP_RAWPATH);
+ if (FAILED(e2)) {
+ throw css::lang::IllegalArgumentException(
+ ("XSystemShellExecute.execute, IShellLink.GetPath failed with "
+ + OUString::number(e2)),
+ {}, 0);
+ }
+ // Fail at some arbitrary nesting depth, to avoid an infinite loop:
+ if (i == 30) {
+ throw css::lang::IllegalArgumentException(
+ "XSystemShellExecute.execute, link depth exceeded for <" + aCommand + ">",
+ {}, 0);
+ }
+ }
+ pathname = o3tl::toU(path);
+ // ShellExecuteExW appears to ignore trailing dots, so remove them:
+ while (pathname.endsWith(".", &pathname)) {}
+ auto const n = pathname.lastIndexOf('.');
+ if (n > pathname.lastIndexOf('\\')) {
+ auto const ext = pathname.copy(n + 1);
+ if (!ext.isEmpty()) {
+ OUString env;
+ if (osl_getEnvironment(OUString("PATHEXT").pData, &env.pData)
+ != osl_Process_E_None)
+ {
+ SAL_INFO("shell", "osl_getEnvironment(PATHEXT) failed");
+ }
+ if (!(checkExtension(ext, env)
+ && checkExtension(
+ ext,
+ u".ADE;.ADP;.APK;.APPLICATION;.APPX;.APPXBUNDLE;.BAT;.CAB;.CHM;.CLASS;"
+ ".CMD;.COM;.CPL;.DLL;.DMG;.EX;.EX_;.EXE;.GADGET;.HTA;.INF;.INS;.IPA;"
+ ".ISO;.ISP;.JAR;.JS;.JSE;.LIB;.LNK;.MDE;.MSC;.MSH;.MSH1;.MSH2;.MSHXML;"
+ ".MSH1XML;.MSH2XML;.MSI;.MSIX;.MSIXBUNDLE;.MSP;.MST;.NSH;.PIF;.PS1;"
+ ".PS1XML;.PS2;.PS2XML;.PSC1;.PSC2;.PY;.REG;.SCF;.SCR;.SCT;.SHB;.SYS;"
+ ".VB;.VBE;.VBS;.VXD;.WS;.WSC;.WSF;.WSH;")))
+ {
+ throw css::security::AccessControlException(
+ "XSystemShellExecute.execute, cannot process <" + aCommand + ">", {},
+ {});
+ }
+ }
+ }
+ }
+ }
+
+ SHELLEXECUTEINFOW sei;
+ ZeroMemory(&sei, sizeof( sei));
+
+ sei.cbSize = sizeof(sei);
+ sei.lpFile = o3tl::toW(preprocessed_command.getStr());
+ sei.lpParameters = o3tl::toW(aParameter.getStr());
+ sei.nShow = SW_SHOWNORMAL;
+ sei.fMask = SEE_MASK_NOCLOSEPROCESS; // we need sei.hProcess
+
+ if (NO_SYSTEM_ERROR_MESSAGE & nFlags)
+ sei.fMask |= SEE_MASK_FLAG_NO_UI;
+
+ SetLastError( 0 );
+
+ bool bRet = ShellExecuteExW(&sei);
+
+ if (!bRet && (nFlags & NO_SYSTEM_ERROR_MESSAGE))
+ {
+ // ShellExecuteEx fails to set an error code
+ // we return osl_File_E_INVAL
+ sal_Int32 psxErr = GetLastError();
+ if (ERROR_SUCCESS == psxErr)
+ psxErr = E_UNKNOWN_EXEC_ERROR;
+ else
+ psxErr = MapError(psxErr);
+
+ throw css::system::SystemShellExecuteException(
+ "Error executing command",
+ static_cast< css::system::XSystemShellExecute* >(this),
+ psxErr);
+ }
+ else
+ {
+ // Get Permission make changes to the Window of the created Process
+ const DWORD procId = GetProcessId(sei.hProcess);
+ if (procId != 0)
+ {
+ AllowSetForegroundWindow(procId);
+ WaitForInputIdle(sei.hProcess, 1000); // so that main window is created; imperfect
+ EnumWindows(FindAndActivateProcWnd, static_cast<LPARAM>(procId));
+ }
+ }
+
+ // Close the handle for the created childprocess when we are done
+ CloseHandle(sei.hProcess);
+}
+
+// XServiceInfo
+
+OUString SAL_CALL CSysShExec::getImplementationName( )
+{
+ return "com.sun.star.sys.shell.SystemShellExecute";
+}
+
+sal_Bool SAL_CALL CSysShExec::supportsService( const OUString& ServiceName )
+{
+ return cppu::supportsService(this, ServiceName);
+}
+
+css::uno::Sequence< OUString > SAL_CALL CSysShExec::getSupportedServiceNames( )
+{
+ return { "com.sun.star.system.SystemShellExecute" };
+}
+
+extern "C" SAL_DLLPUBLIC_EXPORT css::uno::XInterface*
+shell_CSysShExec_get_implementation(
+ css::uno::XComponentContext* context, css::uno::Sequence<css::uno::Any> const&)
+{
+ return cppu::acquire(new CSysShExec(context));
+}
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */